Open Proxy Servers

Companies and ISPs often use caching in proxy servers to reduce the load on their networks. These proxy servers are often configured to proxy any port, with little regard to security. If nothing is blocking connections from the outside, it is possible to detect the vulnerable server by scanning the ports of a range of IP addresses.

Misconfigured Servers

Often, a proxy server is open because it has not been configured properly. Most of open proxy servers are not supposed to be public. The person that configured the server was not aware of the potential problems and security risks. It is very common to for a novice administrator to set up a proxy with access rights that allow anyone to connect. To close a proxy server it is necessary to force users to connect from one IP address or a range of IP addresses. An alternative is to require users to use a user name and password.

‘Honey Pots’ or ‘Honey Proxies’

Everything that is done on or through the open proxy server can be logged and traced. A honey pot is an open proxy server intentionally deployed by security professionals to lure hackers and track their every move. A honey pot can also be installed by a hacker. A hacker can put a proxy server up on his, or a victim’s computer and wait for a scanner to find it. Sending spam e-mail trough a honey pot proxy exposes the sender’s activity. When a spammer uses the proxy to send bulk email, it is possible to collect the content of the spam and report the spammer to his ISP.

Security Risks

When you use an open proxy server, your computer is making a direct connection to another computer. You do not know who is in control of the remote computer. If you are using proxy servers from open proxy lists, you could be trusting your email messages, passwords or other sensitive information to a person running the server. Someone can be watching the unencrypted information you are transferring over the network.

Lists of Open Proxies

To find available proxy servers, it is not necessary to scan a range of IP addresses. There are many lists available that are frequently updated. The servers on those lists are usually on a list one day and gone the next. When the network bandwidth drastically increases, the open proxy problem is easily found and resolved.